Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A new phishing kit is impersonating the Italian IT and web services provider Aruba, according to researchers at Group-IB. The kit is designed to trick users into entering their Aruba credentials, granting attackers access to sensitive accounts. “Such a target offers significant payoff: compromising a single account can expose critical business assets, from hosted websites to domain controls and email environments,” Group-IB says.

Crowdsourced penetration testing promises broad coverage, flexible resourcing, and cost efficiency by tapping into a distributed pool of security testers. Trustwave, A LevelBlue Company, realizes that not every organization has the financial resources to partner with a security firm with dedicated penetration testing capabilities. At the same time, we want to make organizations aware of the many pitfalls in the crowdsourced pen-testing market and offer a few pointers on choosing the right vendors.

Malicious threat actors don’t work a 9-to-5 schedule, and they definitely don’t take a break when your organization’s annual security assessments are complete. Instead, they constantly put your security posture to the test—day after day, month after month, all year long. That’s why annual penetration tests and periodic validation campaigns are insufficient in today’s threat landscape.

For every organization, no matter the size or industry, the integrity and security of data is more crucial than ever as it faces the possibility of a cyber breach everyday. But what separates a company that bounces back quickly from one that suffers irreparable damage? The answer largely resides in how promptly and accurately the breach is reported and how it is handled thereafter.

Cybersecurity is no longer just an IT issue; it is a strategic imperative that touches every aspect of modern business. In today’s digital landscape, organizations face increasingly sophisticated threats that can disrupt operations, tarnish reputations, and lead to significant financial losses. A unified approach that integrates cybersecurity with governance, risk management, and compliance (GRC) strategies is the key to building robust defenses.

Remember the early days of remote work? We traded our cubicles for kitchen tables and suddenly, our homes became our headquarters. This shift to the Hybrid Workforce has been incredible for flexibility, but let’s be honest: it tossed the old corporate security playbook out the window. The old way was easy: a big firewall at the office door, and you were safe. Now, that “door” is every employee’s home router, every personal laptop, and every late-night click when fatigue sets in.

The best part about my job is that I sometimes get to make some controversial statements. Well, as controversial as things can be in a niche area of cybersecurity like “what is a reasonable measure of vulnerability risk?” Along with my colleague Sander Vinberg we got to explore this question earlier this year at the second Annual VulnCon conference in Raleigh. Even though it’s only been held twice, it is quickly becoming one of my favorite conferences.

SEO poisoning has become a major driver of phishing‑driven credential theft. Attackers manipulate search engine results and paid ads so users click on what appears to be a legitimate brand link, only to land on a fake website built to steal login credentials. Attackers combine domain abuse, cloaking, and keyword hijacking to move malicious pages to the top of search results.

Converge 2025 keynotes opened with a clear message: resilience isn’t enough in an era of complexity and AI-driven threats. Here’s how Tanium and its customers are shaping the future of Autonomous IT.

MSPs often rely on managed detection and response (MDR) integrations, which provides enterprise-grade security capabilities without the need for in-house analysts or complex infrastructure. As MSPs grow into medium-sized businesses, they typically expand into extended detection and response (XDR) integrations, giving greater visibility across multiple security layers (endpoints, networks and cloud) and more control over how they manage and respond to threats.